Re: How to control spam registration?
All in all, here’s my approach that I use on MU/BP sites ~
1) modify the register/register.php wp-signup.php hardcoded default text and url slugs.
2) enable xprofile and require additional fields upon registration.
2) use a captcha ~ i’m fond of ReCatcha
3) make sure you and check the NO setting under “Allow blog administrators to add new users to their blog via the Users->Add New page. ” in wp-admin/wpmu-options.php “Admin > Site Options”
4) I ban or limit the registration domains (also in Admin > Site Options) so that the commonly used spammer domains are blocked from registration and then I add an email contact for owners of these addresses to manually request registration. I hide the email address from bots with HiveLogic EnKoder
5) I then firewall off entire blocks of IP’s from my servers from commonly used spammer IP ranges you can find at sources like spamhaus.org .. and considering that these are one language sites, the need for access for the IP blocks on the pan asia network or eastern europe are unlikely. If you have a multilingual site, this might cause issues to very few users. Cpanel, Plesk, BSD, etc have tools to do this.. if you’re on a shared server, ask your hosting provider if they can do it for you, and they may be likely doing it already.
6) I also recommend using Askimet.